CyberArk Single Sign On Setup
Use these instructions to integrate CyberArk as a Single Sign On provider for DigitSec.
- In your CyberArk administration web interface using the site navigation, visit "Identity Administration".
- Expand the "Apps & Widgets" option to select "Web Apps". Click the "Add Web Apps" button.
- Activate the "Custom" tab and then scroll the list of options in the right hand portion of the screen to find the "SAML" option, click the "Add" button for SAML. Click "Yes" on the confirmation dialog that appears.
- A new app will be created and will then be displayed to you. See the screenshot below for an example.
- Click on the App name in the "Web Apps" list to access the Settings. Give this app a name. Then, use the left-hand navigation to visit the "Trust" page. Scroll the resulting page to find the "Service Provider Configuration" section header. Choose "Manual Configuration" and use the settings as indicated in the screenshot below. *
SP Entity ID / Issuer / Audience: https://s4.digitsec.com/dashboard
Assertion Consumer Service URL: https://s4.digitsec.com/auth/saml
Recipient: Same as ACS URL Checked
Sign Response or Assertion: Response
NameID Format: emailAddress
Enable SHA256 for Signing Certificate during Single Logout: Checked
Authentication Context Class: unspecified
* Please note that Customers using our Australian infrastructure should use s413.digitsec.com instead of s4.digitsec.com for the Issuer and Consumer Service URLs.
- Use the Permissions Tab on the left. Click Add -> Search for the relevant user and click "Add".
- Once your user is added, enable the appropriate permissions. For this example, we are enabling all permissions as seen below. (The example user is "cloudadmin").
- When ready, click the "Save" button at the bottom of the page. The status of the application will change from "Ready to Deploy" to "Deployed".
- Go to Core Services --> User. Find the user you added and click on the record to access the account. Click on "Application Settings" in the left-hand navigation. (The example user is "cloudadmin").
- Click the "Add" button and select the DigitSec, Inc. App you created earlier. Click the "Save" button.
- The next screen will request to set the User Name. Please use the same User Name that you use to log in to DigitSec. (The example is info@digitsec.com).
- Return to the Apps & Widgets -> Web Apps and click on the DigitSec, Inc. App. Then use the left-hand navigation to open the Trust panel. The values you find on this panel will be used by DigitSec, Inc.
In a separate browser window, navigate to DigitSec and log in. Then go to Configure -> Integrations -> Set up Single Sign-On. A dialog window will open up. Please match the CyberArk trust details to the DigitSec inputs:
DigitSec input: CyberArk trust detail
Identity Provider Issuer: IdP Entity ID / Issuer
Identity Provider SSO Url: Single Sign On URL
X.509 Certificate: Signing Certificate
Use the default value in the dropdown menu
Use the download button to capture the certificate as a file.
Upload the .cer file to DigitSec using the small blue button with the up-arrow icon.
- On the DigitSec screen, click the "Verify and Save" button. You should see a success message. The SSO Configuration is now complete and you can start using DigitSec with CyberArk SSO.
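To confirm that CyberArk is sending what the Service Provider Configuration step specifies, the following added example (not DigitSec or CyberArk code) checks a decoded SAML Response for the documented Audience, Recipient, NameID Format and Response-level signature. The names check_response and SAMPLE are hypothetical, and it assumes the standard SAML 2.0 namespaces and that "emailAddress" maps to the standard SAML 1.1 NameID format URI.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Values from the Service Provider Configuration step (s413.digitsec.com for Australia).
EXPECTED = {"audience": "https://s4.digitsec.com/dashboard",
            "acs_url": "https://s4.digitsec.com/auth/saml",
            "nameid_format": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"}

def check_response(xml_text, expected=EXPECTED):
    """List mismatches between a decoded SAML Response and the SP settings.
    Structural checks only: the signature is located, not cryptographically verified."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Response" % NS["samlp"]:
        return ["root element is not samlp:Response"]
    problems = []
    # "Sign Response or Assertion: Response" means ds:Signature is a direct child of Response.
    if root.find("ds:Signature", NS) is None:
        problems.append("Response element is not signed")
    audiences = [(a.text or "").strip() for a in
                 root.findall(".//saml:AudienceRestriction/saml:Audience", NS)]
    if expected["audience"] not in audiences:
        problems.append("Audience does not contain the SP Entity ID")
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None or name_id.get("Format") != expected["nameid_format"]:
        problems.append("NameID Format is not emailAddress")
    recipients = [c.get("Recipient") for c in root.findall(".//saml:SubjectConfirmationData", NS)]
    if expected["acs_url"] not in recipients:
        problems.append("Recipient does not match the ACS URL")
    return problems

# Constructed sample (not a captured CyberArk response); signature contents omitted.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <ds:Signature><ds:SignedInfo/></ds:Signature>
 <saml:Assertion>
  <saml:Subject>
   <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">info@digitsec.com</saml:NameID>
   <saml:SubjectConfirmation><saml:SubjectConfirmationData Recipient="https://s4.digitsec.com/auth/saml"/></saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Conditions><saml:AudienceRestriction><saml:Audience>https://s4.digitsec.com/dashboard</saml:Audience></saml:AudienceRestriction></saml:Conditions>
 </saml:Assertion>
</samlp:Response>"""

if __name__ == "__main__":
    print(check_response(SAMPLE) or "matches the documented SP settings")
```

To use it on a real login, base64-decode the SAMLResponse form field posted to the Assertion Consumer Service URL and pass the resulting XML to check_response.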